Anand,
one of the main reasons why WinPcap is a protocol driver is historical. When
WinPcap was started back in 1997-1998, Win9x and NT4 were the current
Windows releases available. And as far as I know there was no concept of IM
drivers. A protocol driver seemed the best (and only) solution to capture
packets. Consider that WinPcap was born and "raised" within a university,
and most all of the people involved in that development had very little
knowledge about driver development and NDIS. Everyone was learning.
During the years WinPcap evolved, many parts of the driver were completely
reviewed and rewritten from scratch to improve stability and performance,
but the original NDIS protocol architecture was kept. An IM driver would
probably give more power in some scenarios, e.g. when the machine has other
IM drivers on it, but also involves a complete development/testing cycle
that at the moment we (WinPcap Team) have not yet decided to do, given the
quite large numbers of WinPcap users.
I hope this gives you an idea why WinPcap is like it is.
Have a nice day
Gianluca Varenni
WinPcap Team
<anand.choubey@gmail.com> wrote in message
news:1181139172.913863.152480@g37g2000prf.googlegr oups.com...
